Abstract
We (re-)introduce the Reduce-by-Feedback scheme given by Vielhaber (1987), Benaloh and Dai (1995), and Jeong and Burleson (1997).
We show how to break RSA by Differential Power Analysis when it is implemented with the standard version of Reduce-by-Feedback or with Montgomery multiplication. We then modify Reduce-by-Feedback to avoid this attack. The modification is not possible for Montgomery multiplication.
We show that both the original and the modified Reduce-by-Feedback algorithm resist timing attacks.
Furthermore, some VLSI-specific implementation details (delayed carry adder, re-use of MUX tree and logic) are provided.
References
Benaloh, J., Dai, W.: Fast Modular Reduction. In: CRYPTO 1995 Rump Session (1995)
Beth, T., Gollmann, D.: Algorithm engineering for public key algorithms. IEEE J. SAC 7(4), 458–466 (1989)
Brickell, E.F.: A Fast Modular Multiplication Algorithm with Applications to Two Key Cryptography. In: Proc. CRYPTO 1982, pp. 51–60. Plenum Press (1983)
Chari, S., Rao, J.R., Rohatgi, P.: Template Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)
Elbirt, A.J., Paar, C.: Towards an FPGA architecture optimized for public-key algorithms. In: The SPIE’s Symposium on Voice, Video, and Communications, Boston (1999)
Guajardo, J., Kumar, S.S., Paar, C., Pelzl, J.: Efficient Software Implementation of Finite Fields with Applications to Cryptography. Acta Appl. Math. 39, 75–118 (2006)
Jeong, Y.-J., Burleson, W.P.: VLSI array algorithms and architectures for RSA modular multiplication. IEEE Trans. VLSI Systems 5(2), 211–217 (1997)
Joye, M.: Highly Regular Right-to-Left Algorithms for Scalar Multiplication. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 135–147. Springer, Heidelberg (2007)
Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Miyamoto, A., Homma, N., Aoki, T., Satoh, A.: Enhanced Power Analysis Attack Using Chosen Message against RSA Hardware Implementations. In: ISCAS 2008, Seattle, pp. 3282–3285 (2008)
Montgomery, P.L.: Modular Multiplication Without Trial Division. Math. Comp. 44, 519–521 (1985)
Schindler, W.: A Timing Attack against RSA with the Chinese Remainder Theorem. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 109–124. Springer, Heidelberg (2000)
Sedlak, H., Golze, U.: An RSA Cryptography processor. In: Proc. Euromicro 1986, Microprocessing and Microprogramming, vol. 18, pp. 583–590 (1986)
Vielhaber, M.: Entwurf und Layout eines RSA-Koprozessors für Chipkarten. Diploma Thesis, TH Karlsruhe (KIT) (1987)
Vielhaber, M.: The Karlsruhe RSA Co-processor: ISDN Network Security by RSA encryption, E.I.S.S. Report 89/14a, European Institute for System Security, Karlsruhe (1990)
Vielhaber, M.: Der Karlsruher RSA Koprozessor: Verschlüsseln mit RSA im ISDN-Netz, E.I.S.S. Report 89/14, European Institute for System Security, Karlsruhe (1990)
Yen, S.-M., Lien, W.-C., Moon, S.-J., Ha, J.C.: Power Analysis by Exploiting Chosen Message and Internal Collisions – Vulnerability of Checking Mechanism for RSA-Decryption. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 183–195. Springer, Heidelberg (2005)
Benaloh, J., Dai, W.: Computer-implemented method and computer for performing modular reduction. US Patent US5724279, USPTO
Vielhaber, M.J. (applicant): Multiplikations-/Reduktionseinrichtung. German Patent DE P 3924344, Deutsches Patentamt (1992)
© 2012 International Association for Cryptologic Research
Cite this paper
Vielhaber, M. (2012). Reduce-by-Feedback: Timing Resistant and DPA-Aware Modular Multiplication Plus: How to Break RSA by DPA. In: Prouff, E., Schaumont, P. (eds) Cryptographic Hardware and Embedded Systems – CHES 2012. CHES 2012. Lecture Notes in Computer Science, vol 7428. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33027-8_27
DOI: https://doi.org/10.1007/978-3-642-33027-8_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33026-1
Online ISBN: 978-3-642-33027-8